package com.bookshop.controller;


import cn.hutool.core.io.FileUtil;
import cn.hutool.core.util.StrUtil;
import com.bookshop.annotation.RequirePerms;
import com.bookshop.entity.response.R;
import com.bookshop.entity.request.RoleForm;
import com.bookshop.entity.User;
import com.bookshop.service.PictureService;
import com.bookshop.service.UserService;
import com.bookshop.util.GetIdUtil;
import com.bookshop.util.JWTUtil;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.web.bind.annotation.*;
import org.springframework.web.multipart.MultipartFile;

import javax.annotation.Resource;
import javax.servlet.ServletOutputStream;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.File;
import java.io.IOException;
import java.net.URLEncoder;
import java.util.Map;

/**
 * <p>
 *  前端控制器
 * </p>
 *
 * @author g2l
 * @since 2024-01-13
 */
@RestController
@RequestMapping("/user")
public class UserController {
    @Autowired
    private GetIdUtil getIdUtil;

    @Resource
    private UserService userService;

    @Resource
    private PictureService pictureService;

    @GetMapping("/getInfo")
    public R getInfo(HttpServletRequest request){
        // 获取用户信息
        String phoneNumber = (String) request.getAttribute("phoneNumber");

        User user = userService.getUserByPhoneNumber(phoneNumber);

        return user == null ? R.error().message("用户不存在") : R.ok().put("user", user);
    }

    // 头像上传
    @PostMapping("/upload")
    public R upload(@RequestParam MultipartFile file, HttpServletRequest request) throws IOException {

        String phoneNumber = (String) request.getAttribute("phoneNumber");

        // 上传
        String fileUrl = pictureService.upload(file);

        // 存数据库
        userService.updatePicture(phoneNumber, fileUrl);

        return R.ok().put("fileUrl", fileUrl);
    }


    // 修改密码
    @PostMapping("/updatePassword")
    public R updatePassword(@RequestParam String newPassword, HttpServletRequest request){
        String phoneNumber = (String) request.getAttribute("phoneNumber");

        int update = userService.updatePassword(phoneNumber, newPassword);

        return update <= 0 ? R.error().message("修改失败") : R.ok().message("修改成功");
    }

    // 修改用户名
    @PostMapping("/updateUsername")
    public R updateUsername(@RequestParam String newUsername, HttpServletRequest request){
        String phoneNumber = (String) request.getAttribute("phoneNumber");

        int update = userService.updateUsername(phoneNumber, newUsername);

        return update <= 0 ? R.error().message("修改失败") : R.ok().message("修改成功");
    }

    // 修改手机号
    @PostMapping("/updatePhoneNumber")
    public R updatePhoneNumber(@RequestParam String newPhoneNumber, HttpServletRequest request){
        String phoneNumber = (String) request.getAttribute("phoneNumber");

        int update = userService.updatePhoneNumber(phoneNumber, newPhoneNumber);

        return update <= 0 ? R.error().message("修改失败") : R.ok().message("修改成功");
    }

    // 修改权限
    @RequirePerms("updateRoleId")
    @PostMapping("/updateRoleId")
    public R updateRoleId(@RequestBody RoleForm roleForm, HttpServletRequest request){
        String phoneNumber = roleForm.getPhoneNumber();
        Long newRoleId = roleForm.getRoleId();

        User user = userService.getUserByPhoneNumber(phoneNumber);
        // 修改超级管理员的权限
        if (user.getRoleId() == 3){
            return R.error().message("无法修改超级管理员的权限");
        }

        int update = userService.updateRoleId(phoneNumber, newRoleId);

        return update <= 0 ? R.error().message("修改失败") : R.ok().message("修改成功");
    }

    // 删除用户
    @RequirePerms("deleteUser")
    @PostMapping("/deleteUser")
    public R deleteUser(@RequestParam String phoneNumber, HttpServletRequest request){
        String myPhoneNumber = (String) request.getAttribute("phoneNumber");

        User deleteUser = userService.getUserByPhoneNumber(phoneNumber);
        // 删的用户不是普通用户，是管理员或超级管理员
        if (deleteUser.getRoleId() > 1){
            User user = userService.getUserByPhoneNumber(myPhoneNumber);
            // 同级或下级，则权限不足
            if (user.getRoleId() <= deleteUser.getRoleId()){
                // 超级管理员是无法修改同为超级管理员的权限的
                return R.error().message("权限不足");
            }
        }
        // 权限足够则删除
        int delete = userService.deleteUser(deleteUser);
        return delete <= 0 ? R.error().message("删除失败") : R.ok().message("删除成功");
    }
    //获取用户基础数据
    @GetMapping("getBasicInfo")
    public R getBasicInfo(HttpServletRequest request)
    {
        int userId = getIdUtil.getId(request);
        Map<String, String> resultMap = userService.getBasicInfo(userId);
        return R.ok().put("resultMap" , resultMap);
    }
}
